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BACKGROUND OF THE INVENTION • ; 



Field of the Invention 

The present invention relates to a method for collecting network usage 
data for a user, which belongs to the technical field of compute r network networks . 

Background of tho In vent i on 



Description of the Related Art 

As thejnternet evolves increasingly, users of thejntranet, Internet 

10 Service Prov i der Providers (hereinafter referred to as ISP) and broadband networks 
grow rapidly, the categories of network service are becoming profuse, and network 
usage is gradually diversified gradua ll y . In such a case, operators and managers of 
network services demand to master user's usage of network resources in detail so 
as to implement more flexible accounting, plan reasonably^ and manage and 

1 5 monitor network resources effectively. 

How to obtain Obtaining user network usage data in an efficient, 
accurate, and real-time manne r can be difficult. ^-Presently, a typical solution is to 
configure a monitoring server, which collects the data related with the address, port, 
and traffic in Internet Protocol (hereinafter referred to as IP) messages forwarded via 

20 routers and, on that basis, performs stat i st i cs perform statistical review and analysis 
to obtain network usage data of users. The flow is shown in Fie r Figure 1 . 

Though detailed network usage data can be obtained by using a 
monitoring server, that method has the following disadvantages: 
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1 . The method requires an additional high-performance N server; 
since the data volume to be collected is vast, thus support of mass storage devices 
is required, which increases networking cost. 

2. The method can collect only network resource occupation data 
5 such as IP address and port number, but is unable to determine the users who 

occupy the network resources. To support applications such as content accounting, 
further process is required. 

3. The method is poor in real-time feature and thus can't cannot 
meet the demand of real-time applications such as real-time accounting and 

10 real-time monitoring. 

BRIEF SUMMARY OF THE INVENTION 

An object The disclosed embodiments of the present invention is^e 

provide a method for collecting network usage data of a user, which uses 

association between NetStream technology and Remote Authentication Dial-In User 
1 5 Service (hereinafter referred to as Radius) Protocol to achieve efficient and real-time 

collection of network usage data of the user and provide essential data for network 

usage-based management and accounting. 

The method for collecting network usage data of a user according to 

the present invention comprises includes the following steps: 
20 (1 ) . an An access device authenticating and authorizing the user, 

and an Authentication, Authorization and Accounting Server (hereinafter referred to 

as AAA server) recording the user's network resource information that is 

authenticated and authorized; 

(2)r a router, during network access, recording network usage 
25 information, and sending the network usage information to a NetStream Collector 

(hereinafter referred to as NSC) with User Datagram Protocol (hereinafter referred 

to as UDP) messages; 
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(3) r the NSC aggregating the collected network usage information; 

and 

(4) r the association analysis server performing real-time association 
analysis for the aggregated network usage information and the user's network 

5 resource information uploaded from the AAA server to obtain detailed network 
usage data of the user. 

The access device in the method is any one of LAN switch, access 
server, or IP phone gateway. 

Step (1) in which an access device authenticates and authorizes the 
10 user and an AAA server records the user's network resource information compr i ses 
includes the following steps: 

(1) . the The access device sending the user's authentication and 
authorization data to the AAA server; 

(2) r the AAA server analyzing and recording the user's authentication 
15 and authorization data, and sending the control information of network access 

permission to the access device; 

(3) t the access device allocating resources to the user and sending 
the user's network resource information to the AAA server, which records the user's 
network resource information; and 

20 (4)t the AAA server forwarding the user's network resource 

information to the association analysis server in real time. 

Wherein, the resources allocated by the access device to the user 
comprise include : IP address, and start time and stop time of network access, as 
well as bandwidth (optional). The user's network resource information recorded by 

25 AAA serve r compr i ses includes : user's account number, start time and stop time of 
network access, IP address, network access location, and service attribute. 

In step (2) of the method, the network usage information recorded by 
the route r compr i s e s includes : source IP address, destination IP address, source 
port number, destination port number, number of bytes, and timestamp. 
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The association analysis in step (4) of the method is: matching the IP 
address and start time and stop time of network access in the user's network 
resource information to the IP address and timestamp in the network usage 
information, to determine the user corresponding to the network usage information. 
5 The advantage of the method for collecting network usage data of a 

user according to the present invention is: it will not affect network usage for the 
user; in addition, due to the advanced design of NetStream, the method will not 
degrade IP message forwarding rateTiristead, it may speed up the forwarding rate in 
certain cases. Through aggregation, association, and analysis, the method 

1 0 associates isolated network usage information with the.user's network resource 
information uploaded from the AAA server organically, so that it can collect the 
user's network resource usage information in real time and record accurately user 
access to websites (IP addresses), services (port numbers), and duration and traffic 
in a certain time period. Furthermore, the network usage information collected with 

1 5 this method is comprehensive, and the data is compact through aggregation; thus 
the method will not occupy vast storag o rooourco resources . The final network 
usage data created with this method may be oriented to users directly, to meet the 
data demand of diverse applications, such as content accounting, destination IP 
accounting, real-time accounting, network monitoring, and user behavior analysis. 

20 In addition, the method is advantageous in real-time feature and can meet the 
real-time demand of the majority of applications. 

BRIEF DESCRIPTION OF THE DRAWINGS 

F4§T-Fjgure_1 is the-a_networking diagram of the commonly used 
method for collecting network usage data presently;_and 
25 F4§rFjgure_2 is the networking diagram of the method for collecting 

network usage data of a user according to the present invention. 
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DETAILED DESCRIPTION OF THE EMBOD I MENTS INVENTION 

The present invention employs the networking solution 10 as shown in 
F%t Figure 2. Firstly, the-an access device 12 authenticates and authorizes the-a 
useM4, and the-an AAA server 16^recdrds the user's network resource information 
5 authenticated and authorized^ Next, during network access, the-a_router 18 records 
network usage information , such as from the Internet 20, and sends the network 
usage information to an NSC 22 with UDP messages^ the- The NSC 22 aggregates 
the collected network usage information^ the- and an association analysis server 24 
performs real-time association analysis for the aggregated network usage 

10 information and the user's network resource information uploaded from the AAA 
server 16 to obtain detailed network usage data of the user 14. 

The access device 12_in the method may be any one of LAN switch, 
access server, or IP phone gateway. 

In the method, the process in which aMhe access device 12 

1 5 authenticates and authorizes the user 14 and afHthe AAA server 16 records the 
user's network resource information is as follows: firstivr- Firstlv. t he access device 
12 sends the user's authentication and authorization data to the AAA server 16.t _the 
Next the AAA server 16 analyzes and records the user's authentication and 
authorization data T and sends the network access control information to the access 

20 device 12; the access 12 device allocates resources to the user 14 and sends the 
user's network resource information to the AAA serveM6, which records the user's 
network resource information^: the- The AAA server 16 forwards the user's network 
resource information to the association analysis server 24jn real time. Wherein, the 
resources allocated by the access device 12 to the use r compr i se include : IP 

25 address, and start time and stop time of network access, as well as bandwidth 

(optional). The user's network resource information recorded by the AAA server 16 
includes compr i GO G: a_user's account number, start time and stop time of network 
access, IP address, network access location, and service attribute. 
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In the method, the network usage information recorded by the router 
18 includes comprisos : source IP address, destination IP address, source port 
number, destination port number, number of bytes, and timestamp. 

The association analysis in the method comprisos includes matching 
5 the IP address and the start time and stop time of network access in the user's 
network resource information to the IP address and the timestamp in the network 
usage information, to determine the user corresponding to the network usage 
information. 

All of the above U.S. patents, U.S. patent application publications. 
10 U.S. patent applications, foreign patents, foreign patent applications and non-patent 
publications referred to in this specification and/or listed in the Application Data 
Sheet, are incorporated herein bv reference, in their entirety. 

From the foregoing it will be appreciated that, although specific 
embodiments of the invention have been described herein for purposes of 
15 illustration, various modifications may be made without deviating from the spirit and 
scope of the invention. Accordingly, the invention is not limited except as bv the 
appended claims. 
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Field of the Invention 

The present invention relates to a method for collecting network usage 
data for a user, which belongs to the technical field of computer networks. 

Description of the Related Art 

As the Internet evolves increasingly, users of the Intranet, Internet 
Service Providers (hereinafter referred to as ISP) and broadband networks grow 
rapidly, the categories of network service are becoming profuse, and network usage 
is gradually diversified. In such a case, operators and managers of network services 
demand to master user's usage of network resources in detail so as to implement 
more flexible accounting, plan reasonably, and manage and monitor network 
resources effectively. 

Obtaining user network usage data in an efficient, accurate, and 
real-time manner can be difficult. Presently, a typical solution is to configure a 
monitoring server, which collects the data related with the address, port, and traffic 
in Internet Protocol (hereinafter referred to as IP) messages forwarded via routers 
and, on that basis, perform statistical review and analysis to obtain network usage 
data of users. The flow is shown in Figure 1 . 

Though detailed network usage data can be obtained by using a 
monitoring server, that method has the following disadvantages: 

1 . The method requires an additional high-performance server; 
since the data volume to be collected is vast, thus support of mass storage devices 
is required, which increases networking cost. 

2. The method can collect only network resource occupation data 
such as IP address and port number, but is unable to determine the users who 
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occupy the network resources. To support applications such as content accounting, 
further process is required. 

3. The method is poor in real-time feature and thus cannot meet 
the demand of real-time applications such as real-time accounting and real-time 
5 monitoring. 

BRIEF SUMMARY OF THE INVENTION 

The disclosed embodiments of the present invention provide a method 

for collecting network usage data of a user, which uses association between 

NetStream technology and Remote Authentication Dial-In User Service (hereinafter 
10 referred to as Radius) Protocol to achieve efficient and real-time collection of 

network usage data of the user and provide essential data for network usage-based 

management and accounting. 

The method for collecting network usage data of a user according to 

the present invention includes the following steps: 
15 (1) An access device authenticating and authorizing the user, and an 

Authentication, Authorization and Accounting Server (hereinafter referred to as AAA 

server) recording the user's network resource information that is authenticated and 

authorized; 

(2) a router, during network access, recording network usage 

20 information, and sending the network usage information to a NetStream Collector 
(hereinafter referred to as NSC) with User Datagram Protocol (hereinafter referred 
to as UDP) messages; 

(3) the NSC aggregating the collected network usage information; and 

(4) the association analysis server performing real-time association 
25 analysis for the aggregated network usage information and the user's network 

resource information uploaded from the AAA server to obtain detailed network 
usage data of the user. 
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The access device in the method is any one of LAN switch, access 
server, or IP phone gateway. 

Step (1) in which an access device authenticates and authorizes the 
user and an AAA server records the user's network resource information includes 
5 the following steps: 

(1) The access device sending the user's authentication and 
authorization data to the AAA server; 

(2) the AAA server analyzing and recording the user's authentication 
and authorization data, and sending the control information of network access 

1 0 permission to the access device; 

(3) the access device allocating resources to the user and sending the 
user's network resource information to the AAA server, which records the user's 
network resource information; and 

(4) the AAA server forwarding the user's network resource information 
1 5 to the association analysis server in real time. 

Wherein, the resources allocated by the access device to the user 
include: IP address, and start time and stop time of network access, as well as 
bandwidth (optional). The user's network resource information recorded by AAA 
server includes: user's account number, start time and stop time of network access, 
20 IP address, network access location, and service attribute. 

In step (2) of the method, the network usage information recorded by 
the router includes: source IP address, destination IP address, source port number, 
destination port number, number of bytes, and timestamp. 

The association analysis in step (4) of the method is: matching the IP 
25 address and start time and stop time of network access in the user's network 
resource information to the IP address and timestamp in the network usage 
information, to determine the user corresponding to the network usage information. 

The advantage of the method for collecting network usage data of a 
user according to the present invention is: it will not affect network usage for the 
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user; in addition, due to the advanced design of NetStream, the method will not 
degrade IP message forwarding rate; instead, it may speed up the forwarding rate in 
certain cases. Through aggregation, association, and analysis, the method 
associates isolated network usage information with the user's network resource 
5 information uploaded from the AAA server organically, so that it can collect the 
user's network resource usage information in real time and record accurately user 
access to websites (IP addresses), services (port numbers), and duration and traffic 
in a certain time period. Furthermore, the network usage information collected with 
this method is comprehensive, and the data is compact through aggregation; thus 

10 the method will not occupy vast storage resources. The final network usage data 
created with this method may be oriented to users directly, to meet the data demand 
of diverse applications, such as content accounting, destination IP accounting, 
real-time accounting, network monitoring, and user behavior analysis. In addition, 
the method is advantageous in real-time and can meet the real-time demand of the 

1 5 majority of applications. 

BRIEF DESCRIPTION OF THE DRAWINGS 

Figure 1 is a networking diagram of the commonly used method for 
collecting network usage data presently; and 

Figure 2 is the networking diagram of the method for collecting 
20 network usage data of a user according to the present invention. 

DETAILED DESCRIPTION OF THE INVENTION 

The present invention employs the networking solution 1 0 as shown in 
Figure 2. Firstly, an access device 12 authenticates and authorizes a user 14, and 
an AAA server 16 records the user's network resource information authenticated 
25 and authorized. Next, during network access, a router 18 records network usage 
information, such as from the Internet 20, and sends the network usage information 
to an NSC 22 with UDP messages. The NSC 22 aggregates the collected network 



4 



usage information, and an association analysis server 24 performs real-time 
association analysis for the aggregated network usage information and the user's 
network resource information uploaded from the AAA server 16 to obtain detailed 
network usage data of the user 14. 
5 The access device 12 in the method may be any one of LAN switch, 

access server, or IP phone gateway. 

In the method, the process in which the access device 12 
authenticates and authorizes the user 14 and the AAA server 16 records the user's 
network resource information is as follows: Firstly, the access device 12 sends the 

10 user's authentication and authorization data to the AAA server 16. Next the AAA 
server 16 analyzes and records the user's authentication and authorization data and 
sends the network access control information to the access device 12; the access 
12 device allocates resources to the user 14 and sends the user's network resource 
information to the AAA server 16, which records the user's network resource 

1 5 information. The AM server 1 6 forwards the user's network resource information to 
the association analysis server 24 in real time. Wherein, the resources allocated by 
the access device 12 to the user include: IP address, and start time and stop time of 
network access, as well as bandwidth (optional). The user's network resource 
information recorded by the AAA server 16 includes: a user's account number, start 

20 time and stop time of network access, IP address, network access location, and 
service attribute. 

In the method, the network usage information recorded by the router 
18 includes: source IP address, destination IP address, source port number, 
destination port number, number of bytes, and timestamp. 
25 The association analysis in the method includes matching the IP 

address and the start time and stop time of network access in the user's network 
resource information to the IP address and the timestamp in the network usage 
information, to determine the user corresponding to the network usage information. 
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All of the above U.S. patents, U.S. patent application publications, 
U.S. patent applications, foreign patents, foreign patent applications and non-patent 
publications referred to in this specification and/or listed in the Application Data 
Sheet, are incorporated herein by reference, in their entirety. 

From the foregoing it will be appreciated that, although specific 
embodiments of the invention have been described herein for purposes of 
illustration, various modifications may be made without deviating from the spirit and 
scope of the invention. Accordingly, the invention is not limited except as by the 
appended claims. 
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